A honeypot, in the context of computer network security, can include software and hardware resources that are intended detect, deflect, or counteract attempts at unauthorized use of information systems. In some examples, honeypots can include simulated network resources such as simulated virtual machines, simulated storage, and the like, but in other examples, real network resources can be a part of a honeypot. Some honeypots are designed to trick malicious users into believing that they are using or have access to legitimate resources or important data, when in reality the resources are simulated or the data that the malicious user has access to is not real. Additionally, honeypots can act as a decoy for malicious users. For example, a honeypot can provide a seemingly easy or attractive intrusion point into a network that acts as a distraction from other network vulnerabilities and locations of sensitive information.
Accordingly, with malicious users believing that they have been undetected and have access to resources and information of interest, the actions of these malicious users can be tracked and neutralized. For example, by allowing malicious users to act within honeypots can allow network administrators to learn about potential security risks of a network and gain information about malicious users that can be provided to law enforcement or can otherwise be used to stop these malicious users. However, while honeypots can be valuable tools for learning about, containing and deflecting malicious users, generating honeypot computing resources for malicious users can tie up valuable computing resources that could otherwise be used by legitimate users that deserve the availability of high quality computing resources that are able to scale as necessary. Moreover, a service provider that services customers by providing such computing services will often not receive payment for computing resources used by malicious users because many malicious users will not pay their bill or will pay using fraudulent payments that will eventually need to be reimbursed or voided.